
ベストISC SSCP日本語学習ガイドと問題集は2024年更新
トップクラスISC SSCP日本語試験最先端学習ガイド!練習問題バージョン
質問 # 528
同期動的パスワード トークン:
- A. トークンは、一定の時間間隔で新しいパスワード値を生成します (このパスワードは、秘密鍵で暗号化された時刻に基づく場合があります)。
- B. 一意のパスワードは、所有者の PIN と共にシステムまたはワークステーションに入力されません。
- C. トークンは、一定の時間間隔で一意ではない新しいパスワード値を生成します (このパスワードは、秘密鍵で暗号化された時刻に基づく場合があります)。
- D. システムまたはワークステーションの認証エンティティは、所有者の秘密鍵と PIN を知っており、エンティティは、入力されたパスワードが無効であること、および無効な時間帯に入力されたことを確認します。
正解:A
解説:
Synchronous dynamic password tokens:
- The token generates a new password value at fixed time intervals (this password could be the time of day encrypted with a secret key).
- the unique password is entered into a system or workstation along with an owner's PIN.
- The authentication entity in a system or workstation knows an owner's secret key and PIN, and the entity verifies that the entered password is valid and that it was entered during the valid time window.
質問 # 529
次のリカバリ プランのテスト結果のうち、経営陣にとって最も役立つものはどれですか?
- A. 各アクティビティの説明。
- B. さまざまなアクティビティを実行するのにかかった時間。
- C. 成功したアクティビティと失敗したアクティビティのリスト。
- D. 完了した作業量。
正解:A
解説:
Is the least expensive because it is basically a structure with power and would be the most difficult to test because you would have to install all of the hardware infrastructure in order for it to be operational for the test.
The following answers are incorrect:
non-mobile hot site. Is incorrect because it is more expensive then a cold site and easier to test because all of the infrastructure is in place.
mobile hot site. Is incorrect because it is more expensive then a cold site and easier to test because all of the infrastructure is in place.
warm site. Is incorrect because it is more expensive then a cold site and easier to test because more of the infrastructure is in place.
質問 # 530
次のうち、BIA を作成する際に考慮すべき特定の損失基準でないものはどれですか?
- A. 収益の損失
- B. 評判の低下
- C. 熟練労働者の知識の喪失
- D. 利益の損失
正解:C
解説:
Although a loss of skilled workers knowledge would cause the company a great loss, it is not identified as a specific loss criteria. It would fall under one of the three other criteria listed as distracters. Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 9: Disaster Recovery and Business continuity (page 598).
質問 # 531
シングル サインオン (SSO) の特徴は次のうちどれですか?
- A. 利便性と集中管理
- B. 利便性
- C. 利便性と集中化されたネットワーク管理
- D. 利便性と一元化されたデータ管理
正解:A
解説:
Convenience -Using single sign-on users have to type their passwords only once when they first log in to access all the network resources; and Centralized Administration as some single sign-on systems are built around a unified server administration system. This allows a single administrator to add and delete accounts across the entire network from one user interface.
The following answers are incorrect:
Convenience - alone this is not the correct answer.
Centralized Data or Network Administration - these are thrown in to mislead the student. Neither are a benefit to SSO, as these specifically should not be allowed with just an SSO.
References: TIPTON, Harold F. & KRAUSE, MICKI, Information Security Management Handbook, 4th Edition, Volume 1, page 35. TIPTON, Harold F. & HENRY, Kevin, Official (ISC)2 Guide to the CISSP CBK, 2007, page
180.
質問 # 532
Kerberos が提供する主なサービスは次のうちどれですか?
- A. 否認不可
- B. 認可
- C. 守秘義務
- D. 認証
正解:D
解説:
authentication. Kerberos is an authentication service. It can use
single-factor or multi-factor authentication methods.
The following answers are incorrect:
non-repudiation. Since Kerberos deals primarily with symmetric cryptography, it does not help with non-repudiation.
confidentiality. Once the client is authenticated by Kerberos and obtains its session key and ticket, it may use them to assure confidentiality of its communication with a server; however, that is not a Kerberos service as such.
authorization. Although Kerberos tickets may include some authorization information, the meaning of the authorization fields is not standardized in the Kerberos specifications, and authorization is not a primary Kerberos service.
The following reference(s) were/was used to create this question:
ISC2 OIG,2007 p. 179-184 Shon Harris AIO v.3 152-155
質問 # 533
次の生体認証パラメーターのうち、長期間にわたる認証の使用に適しているのはどれですか?
- A. アイリスパターン
- B. シグネチャ ダイナミクス
- C. ボイスパターン
- D. 網膜パターン
正解:A
解説:
The iris pattern is considered lifelong. Unique features of the iris are: freckles, rings, rifts, pits, striations, fibers, filaments, furrows, vasculature and coronas. Voice, signature and retina patterns are more likely to change over time, thus are not as suitable for authentication over a long period of time without needing re-enrollment.
質問 # 534
次の鍵のうち、寿命が最も短いのはどれ?
- A. セッションキー
- B. 公開鍵
- C. 秘密鍵
- D. 秘密鍵
正解:A
解説:
As session key is a symmetric key that is used to encrypt messages between two users. A session key is only good for one communication session between users.
For example , If Tanya has a symmetric key that she uses to encrypt messages between Lance and herself all the time , then this symmetric key would not be regenerated or changed. They would use the same key every time they communicated using encryption.
However , using the same key repeatedly increases the chances of the key being captured and the secure communication being compromised. If , on the other hand , a new symmetric key were generated each time Lance and Tanya wanted to communicate , it would be used only during their dialog and then destroyed. if they wanted to communicate and hour later , a new session key would be created and shared.
The other answers are not correct because :
Public Key can be known to anyone.
Private Key must be known and used only by the owner.
Secret Keys are also called as Symmetric Keys, because this type of encryption relies on each user to keep the key a secret and properly protected.
REFERENCES:
SHON HARRIS , ALL IN ONE THIRD EDITION : Chapter 8 : Cryptography , Page : 619-
質問 # 535
同じ平文から同じ暗号文を生成する 2 つの異なる鍵のインスタンスとして定義できるものは何ですか?
- A. 暗号文の衝突
- B. ハッシュ
- C. キー クラスタリング
- D. キーの衝突
正解:C
解説:
Key clustering happens when a plaintext message generates identical ciphertext messages using the same transformation algorithm, but with different keys.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 4: Cryptography (page 130).
質問 # 536
次のステップのうち、ビジネス インパクト分析 (BIA) で実行する最初のステップの 1 つである必要があるのはどれですか?
- A. 目標復旧時間 (RTO) を見積もります。
- B. 組織内のすべての重要なビジネス ユニットを特定します。
- C. 重要な組織機能の特定と優先順位付け
- D. 破壊的なイベントの影響を評価します。
正解:C
解説:
Project Initiation and Management
This is the first step in building the Business Continuity program is project initiation and management. During this phase, the following activities will occur:
Obtain senior management support to go forward with the project Define a project scope, the objectives to be achieved, and the planning assumptions Estimate the project resources needed to be successful, both human resources and financial resources Define a timeline and major deliverables of the project In this phase, the program will be managed like a project, and a project manager should be assigned to the BC and DR domain.
The next step in the planning process is to have the planning team perform a BIA. The BIA will help the company decide what needs to be recovered, and how quickly. Mission functions are typically designated with terms such as critical, essential, supporting and nonessential to help determine the appropriate prioritization.
One of the first steps of a BIA is to Identify and Prioritize Critical Organization Functions. All organizational functions and the technology that supports them need to be classified based on their recovery priority. Recovery time frames for organization operations are driven by the consequences of not performing the function. The consequences may be the result of organization lost during the down period; contractual commitments not met resulting in fines or lawsuits, lost goodwill with customers.
All other answers are incorrect.
Reference(s) used for this question: Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 21073-21075). Auerbach Publications. Kindle Edition. Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 20697-20710). Auerbach Publications. Kindle Edition.
質問 # 537
暗号化されたクレジット カード番号をインターネット経由で送信するために開発された暗号化プロトコルとインフラストラクチャは、次のうちどれですか?
- A. モンデックス
- B. 安全な電子取引 (SET)
- C. セキュア ハイパーテキスト転送プロトコル (S-HTTP)
- D. セキュア シェル (SSH-2)
正解:B
解説:
SET was developed by a consortium including Visa and MasterCard.
Source: Harris, Shon, CISSP All In One Exam Guide, pages 668-669.
Mondex is a smart card electronic cash system owned by MasterCard.
SSH-2 is a secure, efficient, and portable version of SSH (Secure Shell) which is a secure replacement for telnet.
Secure HTTP is a secure message-oriented communications protocol designed for use in conjunction with HTTP. It is designed to coexist with HTTP's messaging model and to be easily integrated with HTTP applications.
質問 # 538
バイオメトリック識別システムでは、識別に便利な体の部分は次のとおりです。
- A. 声と首
- B. 足と髪
- C. 手、顔、目
- D. 首と口
正解:C
解説:
Today implementation of fast, accurate, reliable, and user-acceptable biometric identification systems are already under way. Because most identity authentication takes place when a people are fully clothed (neck to feet and wrists), the parts of the body conveniently available for this purpose are hands, face, and eyes. From: TIPTON, Harold F. & KRAUSE, MICKI, Information Security Management Handbook, 4th Edition, Volume 1, Page 7.
質問 # 539
次のうち、アクセス制御に関連しない要因はどれですか?
- A. 真贋
- B. 守秘義務
- C. 可用性
- D. 完全性
正解:A
解説:
These factors cover the integrity, confidentiality, and availability components of information system security.
Integrity is important in access control as it relates to ensuring only authorized subjects can make changes to objects.
Authenticity is different from authentication. Authenticity pertains to something being authentic, not necessarily having a direct correlation to access control.
Confidentiality is pertinent to access control in that the access to sensitive information is controlled to protect confidentiality.
vailability is protected by access controls in that if an attacket attempts to disrupt availability they would first need access.
質問 # 540
次のうち、電子メール メッセージの機密性を提供するものはどれですか?
- A. 送信者が受信者の公開鍵で暗号化します。
- B. 送信者が秘密鍵で暗号化します。
- C. 送信者が受信者の秘密鍵で暗号化します。
- D. 送信者が公開鍵で暗号化します。
正解:A
解説:
An e-mail message's confidentiality is protected when encrypted with the receiver's public key, because he is the only one able to decrypt the message. The sender is not supposed to have the receiver's private key. By encrypting a message with its private key, anybody possessing the corresponding public key would be able to read the message. By encrypting the message with its public key, not even the receiver would be able to read the message.
Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 8: Cryptography (page 517).
質問 # 541
より強力なパスワードを使用できる、パスワード管理が容易になる、資格情報が 1 セットである、リソースにすばやくアクセスできるなどの利点があるのは、次のうちどれですか?
- A. スマートカード
- B. 公開鍵基盤 (PKI)
- C. シングル サインオン (SSO)
- D. 対称暗号
正解:C
解説:
The advantages of SSO include having the ability to use stronger passwords, easier administration as far as changing or deleting the passwords, minimize the risks of orphan accounts, and requiring less time to access resources.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 39.
質問 # 542
Sandra は、パケット スニファーである Ethereal を使用して、ネットワーク送信を傍受しました。彼女はいくつかのパスワードを捕捉しました。彼女のネットワーク上でどのような種類の攻撃が行われたのでしょうか?
- A. 中間者攻撃
- B. 不正なサーバー攻撃
- C. 権限昇格攻撃
- D. セッションハイジャック
- E. アクティブな攻撃
正解:A
質問 # 543
プライベートな IP アドレス (つまり、内部ネットワーク用に予約されており、インターネットで使用する有効なアドレスではない) は次のうちどれですか?
- A. 172.31.42.5
- B. 172.140.42.5
- C. 172.15.42.5
- D. 172.12.42.5
正解:C
解説:
Fiber Optic is the most resistant to tapping because Fiber Optic uses a light to transmit the signal.
While there are some technologies that will allow to monitor the line passively, it is very difficult to tap into without detection sot this technology would be the MOST resistent to tapping.
The following answers are in correct:
microwave. Is incorrect because microwave transmissions can be intercepted if in the path of the broadcast without detection.
twisted pair. Is incorrect because it is easy to tap into a twisted pair line. coaxial cable. Is incorrect because it is easy to tap into a coaxial cable line.
質問 # 544
Post Office Protocol Version 3 (POP3) はどのポートを使用しますか?
- A. 0
- B. 110
<ロ>:109 - C. 1
正解:B
解説:
The other answers are not correct because of the following protocol/port numbers matrix:
Post Office Protocol (POP2) 109 Network News Transfer Protocol 119 NetBIOS 139
質問 # 545
セキュリティの 3 つの基本原則は何ですか?
- A. 可用性、説明責任、機密性
- B. 説明責任、機密性、完全性
- C. 機密性、完全性、可用性
- D. 整合性、可用性、説明責任
正解:C
解説:
The following answers are incorrect because:
Accountability, confidentiality and integrity is not the correct answer as Accountability is not one of the fundamental principle of security.
Integrity, availability and accountability is not the correct answer as Accountability is not one of the fundamental principle of security.
Availability, accountability and confidentiality is not the correct answer as Accountability is not one of the fundamental objective of security.
質問 # 546
......
有効なSSCP日本語試験最新問題で2024年最新の学習ガイド:https://jp.fast2test.com/SSCP-JPN-premium-file.html